Vulnerabilities and security researches forwp-voting-contest wp-voting-contest

Jun 07, 2024

CVE, Research URL: CVE-2022-0321
Home page URL: Security reports for WP Voting Contest Lite
Application: WP Voting Contest Lite
Date: Mar 14, 2022
Research Description: The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue
Affected versions: Min -, max -.
Status: vulnerable

Jun 25, 2025

CVE, Research URL: CVE-2025-50017
Home page URL: Security reports for WP Voting Contest Lite
Application: WP Voting Contest Lite
Date: Jun 20, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt WP Voting Contest allows Stored XSS. This issue affects WP Voting Contest: from n/a through 5.8.
Affected versions: Min -, max -.
Status: vulnerable